It is impossible to provide absolute security for our computers just as it is impossible to provide absolute security for ourselves and our possessions in the physical world. No technology, configuration, or product will completely eliminate risk. Additionally, an open network with free choice in communications, computing platforms, and applications implies acceptance of additional risk beyond that experienced in a tightly controlled, restricted environment.
There are 600 million people connected to the Internet and we cannot control their actions. They have world-wide, almost instantaneous and anonymous access to our computers' network ports. There are practical compromises in the design of our computers and networks that may leave them vulnerable to certain activities. Accordingly, we must temper our actions with awareness and take some precautions.
It is difficult to solve or avoid a problem we don't know about. Information about immediate threats is posted to the Computing Alerts page and threat trends are summarized in the security awareness material at password change time.
Whether we lose computer data because of hardware failure, mistakes, or system compromise, it is important that we have a means to restore the data if it is critical or hard to reproduce. Accordingly, regular backups are important:
Several system compromises have come about because warning messages were ignored.
Decision makers, designers, developers, and service providers have special responsibilities. They affect the types of things we do with our computers as part of our day-to-day activities and likely control access to our data and services. These people must elevate security to the same level of concern as they do ease of use, supportability, and functionality during the design and development process. Just as they have a responsibility to provide a usable, supportable, functional service, they also have a responsibility to provide confidentiality, privacy, data integrity, and availability. Security must be an integral factor in all design decisions, not an add-on.
Every product and platform has its own security issues just as they have their own configuration, interoperability, and performance issues. The product expert's expertise and responsibility must not be limited to getting it running, improving its appearance, or making it easy to use and support. They must make sure it is running safely. Here are a few generic issues to consider:
A good system administrator regularly checks logs and other monitoring tools to determine the operating status of their computer. This proactive monitoring may head off a surprising hardware failure, capacity bottleneck, or system break-in. Similarly, the system should be checked against external benchmarks occasionally to determine its level of vulnerability.
The Center for Internet Security publishes benchmarks for various systems.
Even in the real world, preventive security measures are not expected to provide protection indefinitely. An assumption is made that an intrusion event will be detected and that someone will intervene in a finite amount of time. The protective device or procedure only needs to provide protection for the time it takes to detect and respond to the event. We must set up alarm systems and response mechanisms for our computers because our systems are not impervious to attack no matter how careful we are or how much money we spend on preventive measures.
For desktop systems, intrusion detection and response may simply consist of becoming aware of unexpected operation and notifying support staff. Antivirus tools and desktop firewalls can be viewed as intrusion attempt detection systems. Similar tools like iptables and Snort exist for Unix systems. Critical and shared systems probably require more stringent measures.
If a system provides a critical service and/or one that many people depend upon, the system generally needs more professional administration. Things like capacity planning, account management, error monitoring, and performance tuning are expected. In addition to these tasks, a system requires regular audits and event detection in order to help ensure its integrity.
System logs, system configuration, and operational characteristics should be regularly monitored for signs of attempted or successful system compromise.
While this monitoring can be done manually, such efforts result in response times that are tied to the manual procedures, which may not be appropriate for critical or sensitive systems. In addition, the monitoring is often tedious, complex, and detail-oriented, which can lead to mistakes and oversights.
Examples of the checks that need to be performed on a system, whether manually or automatically, are included in CERT's Windows NT Intruder Detection Checklist and Unix Intruder Detection Checklist. Aftermarket software can automate this functionality and should be considered part of the cost of providing a service along with the hardware and functional software.
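One log check of this kind, automated, as an added example that is not part of the original page or of CERT's checklists. It assumes the usual OpenSSH syslog message format; the sample lines, the threshold, and the function name `review_auth_log` are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in the usual OpenSSH syslog format (not real data).
SAMPLE_LOG = """\
Mar  3 02:14:01 host1 sshd[4101]: Failed password for root from 198.51.100.7 port 40112 ssh2
Mar  3 02:14:03 host1 sshd[4101]: Failed password for invalid user admin from 198.51.100.7 port 40113 ssh2
Mar  3 02:14:06 host1 sshd[4103]: Failed password for root from 198.51.100.7 port 40115 ssh2
Mar  3 02:14:09 host1 sshd[4105]: Accepted password for root from 198.51.100.7 port 40120 ssh2
Mar  3 08:30:12 host1 sshd[5220]: Failed password for alice from 192.0.2.25 port 51844 ssh2
Mar  3 08:30:20 host1 sshd[5220]: Accepted password for alice from 192.0.2.25 port 51844 ssh2
Mar  3 09:02:44 host1 sshd[5391]: Accepted publickey for bob from 192.0.2.40 port 50022 ssh2
"""

# Matches sshd authentication results and captures user and source address.
EVENT = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) (?P<method>\S+) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+"
)

def review_auth_log(text, threshold=3):
    """Return alerts: sources reaching `threshold` failed logins, and any
    login accepted from a source that had already reached the threshold."""
    failures = defaultdict(int)
    alerts = []
    for line in text.splitlines():
        m = EVENT.search(line)
        if not m:
            continue  # not an sshd authentication event
        src, user = m["src"], m["user"]
        if m["result"] == "Failed":
            failures[src] += 1
            if failures[src] == threshold:  # alert once per source
                alerts.append(("repeated-failures", src, user))
        elif failures[src] >= threshold:
            # Success after a burst of failures: escalate for investigation.
            alerts.append(("login-after-failures", src, user))
    return alerts

if __name__ == "__main__":
    for kind, src, user in review_auth_log(SAMPLE_LOG):
        print(f"ALERT {kind}: source={src} user={user}")
```

A single mistyped password followed by a successful login (the `alice` lines) stays below the threshold and raises no alert, which keeps the output short enough to be read every time it runs.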
With a population of 300,000,000 people, cyberspace is a very large community with the inevitable result that some folks will perform actions that we may not agree with. If you suspect computer abuse, you can submit a violation report through the web or report it via email to email@example.com. This will trigger a formal security incident report which will be assessed by the JMU Computer Incident Response Team.
If you suspect your computer has been broken into or if you suspect your computer is infected with a virus and it is running Symantec Anti-Virus:
Whether consciously or not, we humans constantly assess our environment for threats and adjust our actions accordingly. Put into an unfamiliar environment, with unfamiliar rules, our defensive systems may become disoriented and ineffective. As we increasingly depend upon interactions with computers and their associated information, we are going to need to become familiar with the threats in this complex, fast-changing environment. R.U.N.S.A.F.E. is an attempt to bring the most important issues to your attention.